The Ten Most Critical Wireless and Mobile Security Vulnerabilities
by Mobile Antivirus Researcher’s Association - Thursday, 29 June 2006.
4. Bluetooth exploits

BlueSnarfing: OBEX protocol exploit that allows hackers to secretly access the mobile phone’s calendar, pictures, phone contact list, etc. without the owner knowing.

BlueBugging: Allows hackers to send SMS messages from a remote vulnerable phone, spoofing the sender. This is not the same as BlueSnarfing, and it affects only some phones.

BlueJacking: By changing the name of the phone, the hacker can trick victims into accepting Bluetooth connections. Normally, the name of the phone will be the make and model of the device. If the hacker changes it to “click here for free cash” the victim will often mistakenly click the pop-up, thus allowing the hacker to connect to the device. BlueJacking can be used by hackers to infect phones, to show obscene movies, etc.

Bluetooth DoS attacks: As with most things, Bluetooth is also vulnerable to certain types of denial of service attacks. Hackers can send invalid Bluetooth requests to a mobile device or phone and this will take up the whole channel. This hinders legitimate devices from making contact via Bluetooth with the attacked device.

5. WEP Weaknesses

WEP encryption is still one of the most common security implementations, and passwords can easily be cracked using AirSnort. It takes less than an hour to crack a busy access point’s password; the more packets captured, the faster it is to crack.

Handheld Mobile Devices (Smartphones and PDAs)

6. Clear Text Encryption Passwords

Mobile devices are portable. They get lost, stolen, and can quickly and easily be accessed when left lying around. Unfortunately, there are many third-party “encryption” programs that do not properly secure sensitive information such as username/password info, financials, etc. We have found that some of the most popular mobile encryption programs even store the password in plain text in the registry.

7. Malicious Code

"Airborne" mobile viruses have been increasing in complexity at a surprising pace. In the space of just one year, malware for mobile devices evolved to a complexity that took 20 years on desktop PCs. For example, we have already seen blended Trojan and virus threats that can spread through Smartphones using multiple wireless protocols. This could be problematic, as current mobile devices cannot support sophisticated antivirus software on current platforms.

Much of this “blended threat” malware activity has been seen on the Symbian Smartphone platform. For example, “Skulls” was one of the first trojans to infect Symbian Series 60 smart phones. When launched, the application claims to be an “Extended Theme Manager by Tee-222.” However, it then disables all other applications on the phone and replaces their icons with a skull and crossbones. Worse, it was more recently merged with Caribe to form the first “crossover” malware for smartphones.

Skulls and Caribe also merged to form Metal Gear, a trojan that masquerades as the game with the same name. Metal Gear uses Skulls to deactivate the device's antivirus. Thus, it was the first anti-AV malware for Symbian phones. The malware also drops SEXXXY.sis to the device, an installer that adds code to disable the handset menu button. The Trojan then uses Caribe to transmit itself to new devices.

Another example of blending is the Gavno.a Trojan, which is spread via a file called patch.sis (it masquerades as a phone patch). Gavno uses a malformed file to crash an internal Symbian process, thus disabling the phone. The effect is to disable all handset buttons and to completely prevent the user from making calls. It may also cause a continual rebooting loop. It is only 2kb in size, and it has already seen variants merged with Caribe to spread to other phones.

